9/13/2011. Miscellaneous Current Topics in Healthcare Professional Liability. Antitrust Notice. Table of Contents. Cyber Liability.

Transcription

1 Miscellaneous Current Topics in Healthcare Professional Liability Josh Zirin, FCAS, MAAA Antitrust Notice The Casualty Actuarial Society is committed to adhering strictly to the letter and spirit of the antitrust laws. Seminars conducted under the auspices of the CAS are designed solely to provide a forum for the expression of various points of view on topics described in the programs or agendas for such meetings. Under no circumstances shall CAS seminars be used as a means for competing companies or firms to reach any understanding expressed or implied that restricts competition or in any way impairs the ability of members to exercise independent business judgment regarding matters affecting competition. It is the responsibility of all seminar participants to be aware of antitrust regulations, to prevent any written or verbal discussions that appear to violate these laws, and to adhere in every respect to the CAS antitrust compliance policy. 1 Table of Contents Cyber Liability Clinical Trials 2 1

2 Cyber Liability What is? Some actual examples of privacy breach: UCLA a hacker broke into a university database and stole up to 800,000 people s records (SSN, birth dates, addresses, etc.) University of Utah Hospitals & Clinics notified 2.2 million patients and payers that backup tapes containing billing information were stolen out of a storage company car Johns Hopkins more than 10,000 patients affected by a data breach. A hospital employee in patient registration used patient information in an identity theft scheme Beth Israel Medical Center a computer service vendor failed to restore proper security settings on a computer and it became infected with a virus that transmitted data files offsite Cyber Liability includes lawsuits arising from: Dissemination of unauthorized private information, intellectual property infringement, libel, slander, invasion of privacy, system security failures that result in harm to third parties, etc. 4 Laws and Regulations Security Breach Notification Laws Currently 46+ states have notification laws Began with California Data Breach Disclosure Law (2003) Most state laws require organizations to immediately disclose a data breach to customers (usually in writing) A number of bills have been introduced in the U.S. Congress that would establish a national standard for security breach notification, but none have passed as of yet National PHI (Protected Health Information) Legislation HIPAA establishes regulations for the use and disclosure of PHI HITECH enacted in 2009 as an enhancement to HIPAA» Establishes new, more severe penalties for non-compliance 5 2

3 Cost of a Data Breach The average cost of a data breach is in excess of $200 per record and rising* What is included in the cost of a data breach? Forensics and Legal Analysis Notification Costs Call Center Credit Monitoring Replacement Cards (if applicable) Lost Business Reputational Risk * Source: Ponemon Institute / PGR Report Coverage Considerations and Exposure Factors Coverage Considerations First Party Coverage Considerations business interruption, loss due to theft of information assets, cyber extortion, crisis management, breach response, identity theft expenses, regulatory penalties Third Party Coverage (Cyber Liability) Exposure Factors Size (Revenue) and type-of-operation System and laptop security policies Third-party agreements (e.g. website, ASP, backup, etc.) Disaster Recovery plans Incident Response plans Security Breach history 7 Malpractice Policy Considerations Physicians Hospitals 8 3

4 Clinical Trials Clinical Trials Liability What is Clinical Trials Liability? Clinical Trials Definition and Issues Entities with exposure: Sponsoring Organizations Physician Investigators Hospitals where Equipment is Used Arising out of: Clinical Research Services Medical Services Billing-Related Activities 10 Clinical Trials Impact on Medical Malpractice Sponsors of Clinical Trials include: Government agencies such as the National Institute of Health (NIH), the Department of Defense (DOD), and the Department of Veteran's Affairs (VA) Pharmaceutical, biotechnology and medical devices companies Individual researchers Health care institutions such as academic medical centers and health maintenance organizations (HMOs) Medical Malpractice policies may or may not include coverage for liability arising out of clinical trials 11 4

5 Clinical Trials Examples of Claims Suit against the hospital and manufacturer by the widow of an artificial heart recipient alleging that information they received prior to his implantation was insufficient to properly inform them of the ramifications of their decision to participate. Suit against research center from patients suffering from leukemia who died after participating in bone marrow transplant trials. Suit against university after death during a gene therapy trial, raising allegations that subjects were not provided with sufficient information regarding the risks of liver damage. 12 Clinical Trials Liability Exposure Factors Exposure Factors Number of Studies Institutional Review Board ( IRB ) Informed Consent Financial Incentives / Disclosure Outsourced functions, e.g. patient recruitment Experience level of Physician Investigators ( PI s ) Monitoring 13 Impact of Healthcare Reform 5

6 Current Status Patient Protection and Affordable Care Act (PPACA), signed March 23, 2010 Health Care and Education Reconciliation Act of 2010 (H.R. 4872), which amended the PPACA and became law on March 30, 2010 States and others have filed suits in federal court challenging the constitutionality of the PPACA Appellate Courts split on constitutionality Different rulings on individual mandate, and whether certain individuals provisions can be ruled unconstitutional without the entire Act being struck (severability) Supreme Court expected to review 15 Some Potential Implications for Medical Malpractice Creation of new entities: Healthcare Exchanges Accountable Care Organizations More patients in the system Government involvement in quality of care standards and measurement Changing economics of physician / hospital alignment Consolidation among hospitals, physicians and health insurers 16 Accountable Care Organizations ( ACO s) New model under PPACA organization for providing care for Medicare patients consisting of hospitals, physicians, etc. involving quality measures, Shared Savings Program Issues with professional liability/medical malpractice coverage: ACO structure and organization Risk Management structures within the ACO context Concept of tying payment to outcomes Vicarious liability issues 17 6

7 Possible System Changes Malpractice Reform Provisions in the Act Other Tort Reform trends at the state and federal levels Organizational Liability and no-fault Systems 18 7